Queue member status would not always get updated properly when the member
was called, thus resulting in the member getting multiple calls. With this
change, we update the member's status at the time of calling, and we also
check to make sure the member is still available to take the call before
placing an outbound call.
(closes issue ASTERISK-16115)
reported by nik600
Patches:
app_queue.c-svn-r370418.patch uploaded by Italo Rossi (license #6409)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@372048 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When an IAX2 call is made using the credentials of a peer defined in a dynamic
Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are
not applied to the call attempt. This allows for a remote attacker who is aware
of a peer's credentials to bypass the ACL rules set for that peer.
This patch ensures that the ACLs are applied for all peers, regardless of their
storage mechanism.
(closes issue ASTERISK-20186)
Reported by: Alan Frisch
Tested by: mjordan, Alan Frisch
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@372015 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The AMI Originate action can allow a remote user to specify information that can
be used to execute shell commands on the system hosting Asterisk. This can
result in an unwanted escalation of permissions, as the Originate action, which
requires the "originate" class authorization, can be used to perform actions
that would typically require the "system" class authorization. Previous attempts
to prevent this permission escalation (AST-2011-006, AST-2012-004) have sought
to do so by inspecting the names of applications and functions passed in with
the Originate action and, if those applications/functions matched a predefined
set of values, rejecting the command if the user lacked the "system" class
authorization. As noted by IBM X-Force Research, the "ExternalIVR"
application is not listed in the predefined set of values. The solution for
this particular vulnerability is to include the "ExternalIVR" application in the
set of defined applications/functions that require "system" class authorization.
Unfortunately, the approach of inspecting fields in the Originate action against
known applications/functions has a significant flaw. The predefined set of
values can be bypassed by creative use of the Originate action or by certain
dialplan configurations, which is beyond the ability of Asterisk to analyze at
run-time. Attempting to work around these scenarios would result in severely
restricting the applications or functions and prevent their usage for legitimate
means. As such, any additional security vulnerabilities, where an
application/function that would normally require the "system" class
authorization can be executed by users with the "originate" class authorization,
will not be addressed. Instead, the README-SERIOUSLY.bestpractices.txt file has
been updated to reflect that the AMI Originate action can result in commands
requiring the "system" class authorization to be executed. Proper system
configuration can limit the impact of such scenarios.
(closes issue ASTERISK-20132)
Reported by: Zubair Ashraf of IBM X-Force Research
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371998 65c4cc65-6c06-0410-ace0-fbb531ad65f3
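
Added example (not part of this commit or of Asterisk's source): because the name filter cannot be relied on, every AMI account holding the "originate" write class should be reviewed as if it held "system". This C program flags such accounts in a file using the usual manager.conf layout, assumed here to be one [account] section with a write= class list; the sample configuration and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed sample in manager.conf layout; not from a real system. */
static const char SAMPLE_CONF[] =
	"[general]\nenabled = yes\n"
	"[dialer]   ; click-to-call service\nsecret = placeholder\n"
	"writetimeout = 100\nwrite = call,originate\n"
	"[ops]\nwrite = system,call,originate\n"
	"[monitor]\nread = call\nwrite =\n";

/* 1 if the comma-separated class list contains name (case-insensitive). */
static int has_class(const char *list, const char *name)
{
	size_t n = strlen(name);
	while (*list) {
		list += strspn(list, ", \t");
		size_t len = strcspn(list, ", \t");
		if (len == n && strncasecmp(list, name, n) == 0) return 1;
		list += len;
	}
	return 0;
}

/* Print and count accounts whose write= list grants "originate" but
 * neither "system" nor "all". */
static int audit_manager_conf(const char *conf)
{
	char line[256], user[64] = "";
	int count = 0;

	while (*conf) {
		size_t len = strcspn(conf, "\n");
		snprintf(line, sizeof(line), "%.*s", (int)len, conf);
		conf += len + (conf[len] == '\n');
		line[strcspn(line, ";\r")] = '\0';        /* strip comment and CR */
		char *p = line + strspn(line, " \t");
		if (*p == '[') {                          /* new account section */
			snprintf(user, sizeof(user), "%.*s", (int)strcspn(p + 1, "]"), p + 1);
		} else if (strncasecmp(p, "write", 5) == 0) {
			p += 5 + strspn(p + 5, " \t");    /* "writetimeout" has no '=' here */
			if (*p == '=' && has_class(p + 1, "originate")
			    && !has_class(p + 1, "system") && !has_class(p + 1, "all")) {
				printf("%s: originate without system\n", user);
				count++;
			}
		}
	}
	return count;
}

int main(void) { printf("flagged: %d\n", audit_manager_conf(SAMPLE_CONF)); return 0; }
```
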
In r294740, the CODING-GUIDELINES was removed from the doc folder in favor
of the content on the Asterisk wiki. Some folks still look in the doc folder
initially for coding guideline suggestions; as such, this patch adds a
CODING-GUIDELINES file back into the doc folder. The content of the file
merely points to the correct page on the Asterisk wiki where the coding
guidelines currently live.
(closes issue ASTERISK-20279)
Reported by: Andrew Latham
Patches:
CODING-GUIDELINES.diff uploaded by Andrew Latham (license 5985)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371961 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Dummy channels usually aren't read from, but functions like SHELL and CURL
use autoservice on the channel.
(closes issue ASTERISK-20283)
Reported by: Gareth Palmer
Patches:
svn-371580.patch (license #5169) patch uploaded by Gareth Palmer (modified)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371888 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The v1.8 -r369258 change to fix the F and F(x) action logic introduced a
regression in passing the hangup cause from the called channel to the
caller channel.
(closes issue ASTERISK-20287)
Reported by: Konstantin Suvorov
Patches:
app_dial_hangupcause.patch (license #6421) patch uploaded by Konstantin Suvorov (modified)
Tested by: rmudgett
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371860 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The documentation made it sound as if the DTMF acknowledgment was needed
at the time the agent logs in, rather than when the agent is called. This
is likely a relic from the days when there were multiple ways of logging
in agents.
(closes issue AST-962)
reported by Steve Pitts
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371787 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The "Waiting" field was misdocumented as reporting the number of
messages waiting. In reality, it simply indicated the presence or
absence of waiting messages.
(closes issue AST-975)
reported by John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371782 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The original implementations simply wrap pthread functions, which take
absolute time as an argument. The spinlock version for systems without
those functions treated the argument as a delta. This patch fixes the
spinlock version to be consistent with the pthread version.
(closes issue ASTERISK-20240)
Reported by: Egor Gorlin
Patches:
lock.c.patch uploaded by Egor Gorlin (license 6416)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371718 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When compiling with BETTER_BACKTRACES enabled, Asterisk will sometimes
crash when "core show locks" is run. This happens regularly in the
testsuite since several tests run "core show locks" to help with
debugging. This seems to be a fault with libraries on certain operating
systems (notably CentOS 6.2/6.3) running on virtual machines and
utilizing gcc 4.4.6.
(closes issue ASTERISK-20090)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371690 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This fixes three main issues
* Change asprintf() uses to ast_asprintf() so that it
pairs properly with ast_free() and no longer causes
MALLOC_DEBUG to freak out.
* When ast_asprintf() fails, set the pointer NULL if
it will be referenced later.
* Fix some memory leaks that were spotted while taking
care of the first two points.
(Closes issue ASTERISK-20135)
reported by Richard Mudgett
Review: https://reviewboard.asterisk.org/r/2071
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371590 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In some cases, recovering lost packets using the secondary packet
recovery mechanism with UDPTL/T.38 can result in the recovery of
zero-length packets. These must be ignored or the frame generated from
them can cause segfaults and allocation failures.
(closes issue ASTERISK-19762)
(closes issue ASTERISK-19373)
Reported-by: Benjamin (bulkorok)
Reported-by: Rob Gagnon (rgagnon)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371544 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When formatting documentation fields, the XML documentation parser calls
xmldoc_get_formatted. This function allocates a string buffer at the
beginning of its routine. Unfortunately, on certain code paths, it also
calls xmldoc_string_cleanup, which assumes that it will create the string
buffer. The previously allocated string buffer is then leaked by the
xmldoc_string_cleanup routine.
Now: we don't do that.
(closes issue AST-932)
Reported by: Alexander Homig
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371469 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When Asterisk is built with TEST_FRAMEWORK defined, Asterisk will now
generate TestEvent AMI events on subsystem reloads such as cdr, dnsmgr,
extconfig, etc.
(issue PQ-1126)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371436 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds AMI events for module reloads when Asterisk is built with
TEST_FRAMEWORK enabled and corrects generation of the module load AMI
event.
(issue PQ-1126)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371393 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The strtol family of functions will return *_MIN/*_MAX on overflow. To
detect when an overflow has happened, errno must be set to 0 before
calling the function, then checked afterward.
(closes issue ASTERISK-20120)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2073/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371392 65c4cc65-6c06-0410-ace0-fbb531ad65f3
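
Added example (not the code from this commit): the errno pattern described above, next to the unchecked call it replaces. The function and status names are hypothetical, and the check goes slightly beyond the commit message by also rejecting empty input, trailing characters and values outside a caller-supplied range.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Status codes and function names here are hypothetical, not Asterisk's. */
enum parse_status { PARSE_OK, PARSE_EMPTY, PARSE_TRAILING, PARSE_RANGE };

/* Unchecked form: an overflowing input silently becomes LONG_MAX. */
static long parse_unchecked(const char *s)
{
	return strtol(s, NULL, 10);
}

/* Checked form: *out is written only when PARSE_OK is returned. */
static enum parse_status parse_long(const char *s, long min, long max, long *out)
{
	char *end;
	long val;

	errno = 0;                       /* clear any stale ERANGE first */
	val = strtol(s, &end, 10);
	if (end == s) {
		return PARSE_EMPTY;      /* no digits consumed */
	}
	if (errno == ERANGE) {
		return PARSE_RANGE;      /* val is only the clamped LONG_MIN/LONG_MAX */
	}
	if (*end != '\0') {
		return PARSE_TRAILING;   /* e.g. "42abc" */
	}
	if (val < min || val > max) {
		return PARSE_RANGE;      /* caller's own bounds */
	}
	*out = val;
	return PARSE_OK;
}

int main(void)
{
	const char *huge = "99999999999999999999999";   /* constructed input */
	long v = 0;

	printf("unchecked: %ld\n", parse_unchecked(huge));
	printf("checked:   %d\n", parse_long(huge, 0, 65535, &v));
	return 0;
}
```

A legitimate input equal to LONG_MAX returns the same value as an overflow, which is why the return value alone cannot be used for detection.
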
Previously the pvt SIP_OUTGOING flag was used instead, which will frequently
flip during reinvites.
(closes issue AST-897)
Reported by: Thomas Arimont
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371357 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Under certain conditions, a SIP transaction involving directmedia wouldn't
trigger a re-invite because the SDP answer was included in an ACK instead
of in a message that we would have triggered the invite with. This patch
just queues a source change control frame if the dialog is using
directmedia when we find sdp for an ACK.
(closes issue AST-913)
Reported by: Thomas Arimont
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371337 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a static queue had realtime members, then there could be a potential
for those realtime members not to be properly deleted from memory.
If the queue's members were loaded from realtime and then all the
members were deleted from the backend, then the queue would still
think these members existed. The reason was that there was a short-
circuit in code such that if there were no members found in the
backend, then the queue would not be updated to reflect this.
Note that this only affected static queues with realtime members.
Realtime queues with realtime members were unaffected by this issue.
(closes issue ASTERISK-19793)
reported by Marcus Haas
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371306 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The other instance of this bug was fixed by jcolp/file in r121496. If
we are destroying a dialog, only set the MWI dialog pointer on the
related peer to NULL if it is the dialog currently being destroyed.
(closes issue ASTERISK-20119)
Patch-by: Misha Vodsedalek
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371270 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds test instrumentation for loading and unloading of modules
and for certain actions in MeetMe to be used in the testsuite or any
other consumer of AMI events. These will only be generated when
Asterisk is built with TEST_FRAMEWORK enabled.
(issue PQ-1131)
(issue PQ-1133)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371201 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* The RemoveQueueMember app made mention of options that could
be passed in, but no options are supported. I have removed the
listing of options from the documentation.
* The RQMSTATUS variable did not list "NOTDYNAMIC" as a possible
value that could be set.
(closes issue AST-949)
reported by Steve Pitts
(closes issue AST-954)
reported by Steve Pitts
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371141 65c4cc65-6c06-0410-ace0-fbb531ad65f3
(CONGESTION/BUSY) due to call hasn't gone there really.
This indication arrives from Asterisk core, not the h.323 stack
(closes issue ASTERISK-19308)
Reported by: Dmitry Melekhov
Patches:
ASTERISK-19308.patch
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@371089 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The documentation for the x flag for MeetMe incorrectly described its
function as closing down the conference when the last marked user left.
It actually causes the users with that flag to leave the conference
when the last marked user exits. The functionality of this flag is not
changing.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370985 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a channel hangs up while being spied upon and the option to exit the
ChanSpy application when the spied on channel hangs up is set,
ast_autochan_destroy is not being called and therefore a reference to the spied
upon channel is not removed.
The symptom being reported was that when using func_group in the dialplan and
calling "group show channels" at the cli, the spied upon channel was still
being shown while "core show channels" showed that the channel was not up.
This patch calls ast_autochan_destroy when a spied upon channel hangs up and
the option to exit the ChanSpy application is set, removing the reference to
the channel, allowing the count for the group that the spied channel was part of
to be decremented.
(closes issue ASTERISK-17515)
Reported by: Arkadiusz Malka
Tested by: Alexandr Gordeev, Michael L. Young
Patches:
asterisk-17515-destroy-autochan.diff
uploaded by Michael L. Young (license 5026)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370952 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AST_CAUSE_NOTDEFINED is a placeholder for usage when there is no cause
information. As such, it should not be defined and translatable as a
cause.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370923 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The flash-hook the bridged peer feature now correctly determines if the
bridged peer is another chan_dahdi channel, that it is an analog channel,
and that it has the correct signaling for an FXO port. It now also
flash-hooks the correct channel.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370900 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is based on the review request posted by Walter Doekes
(referenced lower in the commit message)
The main fix here is to treat the IPorHost portion of the dial
string as a temporary outbound proxy. This ensures requests
get sent to the proper location.
Due to the age of the request, some parts were no longer relevant.
For instance, the request moved outbound proxy parsing code into
a single method. This is done in a previous commit, so it was not
necessary to do again.
Also, the review request fixed some errors with regards to request
routing for CANCEL and ACK requests. This has also been fixed in
more recent commits.
(closes issue ASTERISK-19677)
reported by Walter Doekes
Review https://reviewboard.asterisk.org/r/1859
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370769 65c4cc65-6c06-0410-ace0-fbb531ad65f3
With a large number of SIP peers registered, performing a SIP reload causes a
flood of SIP OPTIONS request packets. These are immediately sent out, and, as
responses come back, can cause peers to be flagged as 'lagged' due to handling
of the many response messages.
This fix prevents this "packet storm" and schedules the pokes for a random
time. That time varies between 1 ms and the peer's qualify time, or, if
the qualify time is unknown, the global qualifyfreq setting.
The committed patch has some very small modifications to the patch schmidts
wrote for the review.
(closes issue ASTERISK-19154)
Reported by: Nicolo Mazzon
patches:
issue19154.patch license #6034 uploaded by schmidts
Review: https://reviewboard.asterisk.org/r/1652
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370666 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This replaces all calls to alloca() with ast_alloca() which calls gcc's
__builtin_alloca() to avoid BSD semantics and removes all NULL checks
on memory allocated via ast_alloca() and ast_strdupa().
(closes issue ASTERISK-20125)
Review: https://reviewboard.asterisk.org/r/2032/
Patch-by: Walter Doekes (wdoekes)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370642 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When Asterisk servers are set up back-to-back, and
direct media is to be used between endpoints, it is
fairly common for the two Asterisk servers to send
direct media reinvites to each other simultaneously.
This results in 491s and ACKs being exchanged between
the servers. While the media eventually gets set up
properly, the problem is that there can be a noticeable
delay for the streams to stabilize.
This patch adds a new directmedia option called "outgoing".
With this set, an immediate direct media reinvite will only
be sent if the call direction is outgoing. For incoming
dialogs, an immediate direct media reinvite will not be sent,
but further "reactionary" direct media reinvites may be sent.
For those who are having some deja vu, that's because this
patch was originally committed to trunk since there is a
new configuration option added. After seeing a bug report
about audio being slow to set up on SIP calls, it became
apparent that this patch would be the best solution for
resolving the issue. The patch is unintrusive and will
have no effect unless the option is explicitly enabled.
(closes issue AST-896)
reported by Thomas Arimont
(closes issue ASTERISK-19857)
reported by Matt Jordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370618 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The while loop responsible for reading AGI messages from a fastAGI service
can end up looping indefinitely when an AGI script fails to indicate the end
of a message with a \n character. This patch adds an indication that we are
expecting a \n character to end the message to make it more clear to users
that this is necessary if they are receiving this warning over and over.
(issue ASTERISK-20061)
Reported by: Eike Kuiper
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370494 65c4cc65-6c06-0410-ace0-fbb531ad65f3